Active Information Gathering involves doing something on a target network/server that could be directly traced back to you.
For example:
You run a web app scan, port scan, vuln scan etc. You may enter known bad characters in places of input such as ' < > to produce a crash/error.
Here you may be breaking the law/Terms of Service of your target network/server. You may show up in a log or security alert somewhere. You may be blocked by Intrusion Prevention Systems (IPS)/Firewalls.
Passive Information Gathering involves finding information via means that would not be directly tied back to you/your ip address. You might be browsing a site as a typical user. You might find information from whois/robtex/maltego/other public means.
No comments:
Post a Comment